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ABSTRACT [1] 

NASA Marshall Space Flight Center (MSFC) is currently 
at work developing hardware and systems for the Ares I 
rocket that will send future astronauts into orbit. Built on 
cutting-edge launch technologies, evolved powerful 
Apollo and Space Shuttle propulsion elements, and 
decades of NASA spaceflight experience. Ares I is the 
essential core of a safe, reliable, cost-effective space 
transportation system -- one that will carry crewed 
missions back to the moon, on to Mars and out into the 
solar system. 

Ares I is an in-line, two-stage rocket configuration 
topped by the Orion crew vehicle and its launch abort 
system. In addition to the vehicle's primary mission - 
carrying crews of four to six astronauts to Earth orbit — 
Ares I may also use its 25-ton payload capacity to deliver 
resources and supplies to the International Space Station, 
or to "park" payloads in orbit for retrieval by other 
spacecraft bound for the moon or other destinations. 
Crew transportation to the International Space Station is 
planned to begin no later than 2014. The first lunar 
excursion is scheduled for the 2020 timeframe. 

This paper presents the challenges in designing the Ares I 
upper stage for reliability and safety while minimizing 
weight and maximizing performance. 



Figure 1. 1 Concept Launch of Ares I 

1.1 First Stage 


1. INTRODUCTION [1] 

NASA is currently designing, testing, and evaluating 
hardware for the Ares I Crew Launch Vehicle (CLV) 
(Fig. 1.1), the next generation vehicle that will carry 
humans into Earth’s orbit and beyond. Ares I is an in- 
line, two-stage rocket configuration topped by the Orion 
crew exploration vehicle, its service module and a launch 
abort system. The Ares I CLV is separated into several 
element teams led by NASA Marshall Space Flight 
Center in Huntsville, Alabama. These element teams are 
the First Stage (FS), the Upper Stage Engine (USE), and 
the Upper Stage (US). This section presents an overview 
of these CLV elements. 


The FS Element is a single, five-segment reusable solid 
rocket booster derived from the Space Shuttle Program. 
It has a Reusable Solid Rocket Motor (RSRM) that bums 
a solid propellant called PolyButadiene AcryloNitrile 
(PBAN). A newly designed forward adapter will mate 
the FS to the US, and the US interstage will be equipped 
with booster separation motors to disconnect the stages 
during ascent. During the first 2.5 minutes of flight, the 
first stage booster powers the vehicle to an altitude of 
about 200,000 feet and a speed of Mach 6.1. 

ATK Thiokol of Brigham City, Utah, is the prime 
contractor for the first stage. 


1.2 Upper Stage Engine 

The Upper Stage Engine, the J-2X (Fig. 1.2), is an 
evolved variation of the J-2 engine that propelled the 
Saturn lB/Satum V, and the J-2S (the J-2S was a 
simplified version of the J-2 developed and tested in the 
early 1970s but never flown). After the FS separates, the 
J-2X engine ignites and powers the Orion to an altitude 
of about 63 miles. 

Pratt & Whitney Rocketdyne in Canoga Park, Calif., is 
the prime contractor for the CLV upper stage engine. 



Concept image of the J-2X engine. 
(NASA/MSFC) 

Figure 1.2 Concept Image of the J-2X 

1.3 Upper Stage 

The function of the Upper Stage is to complete the 
second portion of the ascent phase after the First Stage 
separates from the vehicle. 

The CLV Upper Stage (US) is the portion of the CLV 
extending from the first stage forward frustum to the 
Crew Exploration Vehicle (CEV) adapter. The Upper 
Stage consists of three major structural sections: the 
Instrument Unit, the Core Stage, and the Interstage. The 
Main Propulsion System provides LOX/LH2 fuel tanks, 
pressure system, and feedlines to the Upper Stage J2-X 
engine. The Roll Control System (RoCS) performs roll 
stabilization control of the vehicle prior to FS separation, 
and the Upper Stage Reaction Control System (RCS) 
provides attitude control to the vehicle during Upper 
Stage flight. The Upper Stage also provides Thrust 
Vector Control (TVC) to the Upper Stage Engine. The 
Upper Stage also provides control electronics for the 


entire CLV launch stack, as well as the separation 
systems required to perform first stage separation [2]. 


The Upper Stage of the Ares I Crew Launch Vehicle is 
primarily an in-house NASA design being led at 
Marshall Space Flight Center in Huntsville, Alabama. 
The following section presents a synopsis of the Risk 
Assessment process within the Upper Stage element. 

2. UPPER STAGE RISK ASSESSMENT 
PROCESS 

2.1 Organization 

The Upper Stage Element organization (Fig. 2.1) is led 
by an Upper Stage Office and each substructure under the 
US Office is an Integrated Product Team (EPT). The 
Upper Stage Safety and Mission Assurance (S&MA) 
organization operates adjunctively to the Upper Stage 
Office and is responsible for safety, reliability, quality, 
software assurance, and other mission assurance 
functions. 



The adjunctivity of the US S&MA organization and the 
nature of the EPT process requires reliability, safety, and 
quality engineers to be represented in each IPT. The IPT 
process then ensures that safety, reliability, and quality 
are designed into the system. 


2.2 Integrated Reliability, 

Maintainability, and Supportability 
(RMS) Analysis Process 

The RMS Analysis Process consists of three sub- 
processes, the Reliability Analysis Process, the 
Maintainability Analysis Process, and the Supportability 
Analysis Process (Fig. 2.2). 









2.2.1 The Reliability Analysis Process 


The Reliability Analysis (RA) Process starts with inputs 
from the Failure Modes and Effects Analyses (FMEA), 
Hazard Analyses (HA), and Human Factors/Software 
Reliability Analyses when available. This information, 
along with the information obtained during system 
familiarization within the IPT Process (i.e. system 
schematics) prompts the IPT reliability analyst to begin a 
baseline logic model of the system. In parallel with the 
logic model development, the reliability analyst collects 
available data and begins to quantify the reliability logic 
model. The model is further refined within the IPT 
process, and ultimately generates estimates for Loss of 
Mission (LOM) and Loss of Crew (LOC). A flow 
diagram of the Reliability Analysis process is shown in 
Fig. 2.3. 




Once the process of developing the logic models has 
begun within the IPT framework, the subsystem models 
are simultaneously integrated into a complete Upper 
Stage model. The integrated model is then analyzed for 


failures across subsystems. Sensitivity studies, 
uncertainty analysis, and scenario modeling will also be 
conducted within the integrated model and also at the 
lower level system models. 

2.2.1. 1 Development of Reliability Models 

within the IPT 

The reliability analysis within each IPT is of primary 
importance not only to the development of the models, 
but also for the feedback the analysis provides to the 
system designers. This feedback facilitates the process 
of influencing the design to make the system safer and 
more reliable. Thus, it can be said that the real goal of 
the reliability analysis is to improve design by identifying 
high probability failure modes and accident sequences, 
and mitigating those risks through system redesign. 

A flowchart representing the Reliability Analysis process 
within each EPT is shown in Fig. 2.4. The process begins 
with system familiarization and review of the current 
FMEAs, HAs, system schematics, available data, etc. 
Groundrules and assumptions of the modeling and the 
interpretation of system failures are then constructed and 
a preliminary model is developed. The system logic 
model, goundrules and assumptions, and data are then 
reviewed with the design engineers. The model is 
subsequently updated and reiterated until the model has 
IPT concurrence. To demonstrate concurrence, the IPT 
lead will sign a statement formally declaring that the 
Reliability Analysis model has been concurred with 
within the IPT. 




Figure 2.4 Reliability Analysis process within the IPT 


It should also be mentioned that, parallel to the 
development of the reliability logic model, reliability 
analyses are performed during trade and fault tolerance 
studies specific to that IPT. Depending upon the 











outcome of these studies, the subsequent analyses are 
potentially used as part of the system model. 


2.2.2 The Maintainability Analysis 
Process 

The inputs to the Maintainability Process consist of 
outputs from the Reliability Analysis Process (i.e. Mean 
Time To Failure (MTTF)), and information garnered 
from the Supportability Analysis Process regarding 
scheduled and unscheduled maintenance events. The 
process performs maintenance analysis to define the 
maintenance activity flow. Outputs of this task include 
Mean Time To Repair (MTTR), maintenance task 
definition, maintainability assessments, and maintenance 
characteristics. 

2.2.3 Supportability Analysis Process 

Supportability analysis is performed by the Logistics 
Support Integration (LSI) LPT. The MTTF, MTTR, and 
other related information garnered from the Reliability 
and Maintainability Analyses feed the Supportability 
Analysis Process. The Supportability Analyses will 
provide for the dynamic flow of interactions between the 
flight hardware, ground support equipment, processing 
personnel, and facilities. 

The combination of the outputs of all three processes 
within the RMS Analysis will subsequently generate 
system Availability estimates. 

3. INTEGRATED CREW LAUNCH 
VEHICLE PROBABILISTIC RISK 
ASSESSMENT (PRA) 

The Upper Stage PRA, in conjunction with the FS and 
USE PRAs, will be integrated by the S&MA Vehicle 
Integration Team. The Vehicle Integration (VI) PRA 
team performs a top-down analysis which includes 
analyses of ascent risk scenarios, abort modeling, and a 
thorough review of relevant historical failures. The VI 
PRA team then relays this information to the element 
Reliability Analysis/PRA teams and the models and 
analyses will incorporate this data and feed up to the VI 
team. The subsequent PRA models will then merge into 
an integrated PRA model for the Ares I launch vehicle. 
This analysis, combined with the PRA analysis of the 
Orion Crew Exploration Vehicle (CEV), integrate to 
form an integrated Crew Launch Vehicle (CLV) stack 
PRA. A flowchart of the CLV Integrated PRA approach 
is shown in Fig. 3.1. 



Figure 3. 1 Integrated CLV PRA Approach 


4. CHALLENGES AND 
OPPORTUNITIES 


4.1 Challenge I: Being the Prime 

Not since the Apollo Program in the 1960’s has NASA 
been so influential in the design of a space transportation 
system. The Space Shuttle and other attempts at next 
generation space transportation (Space Launch Initiative 
(SLI), Orbital Space Plane (OSP), etc.) relied on an open 
trade space and the Request For Proposal (RFP) process. 
The FS and the USE have Prime contractors, which make 
sense in this context due to the continuity of the 
contractors with the Shuttle/Satum derived hardware. 
The Upper Stage however, is unique in the sense that 
NASA is functioning as the ‘Prime’ contractor. 

By taking the lead in the design of the Upper Stage for 
Ares I, NASA is providing a unique opportunity to its 
design team and to the Safety and Reliability engineers 
within S&MA. The Upper Stage Project has partnered 
with S&MA to integrate both qualitative and quantitative 
reliability and risk assessment with the subsystem IPTs 
responsible for Upper Stage design through concurrent 
engineering. This approach has already produced 
demonstrated benefits by influencing the design for 
improved reliability for several subsystems. In addition, 
it offers potential long-term benefits to NASA because 
future project managers will be selected from today’s 
engineers who are getting the hands-on design 
experience necessary to successfully manage the 
development of future space exploration systems. 


In-house design presents challenges as well as 
opportunities. The learning curve is very steep for the 
Upper Stage designers and systems engineers. 
Management needs to take this into consideration or else 
the projected budget and workforce have the potential of 
being underestimated. 

4.2 Challenge II: Tight Schedule 

On May 25, 1961, President Kennedy announced: 

“I believe that this nation should commit itself to 
achieving the goal, before this decade is out, of landing a 
man on the Moon and returning him safely to the Earth. 
No single space project in this period will be more 
impressive to mankind, or more important in the long- 
range exploration of space; and none will be so difficult 
or expensive to accomplish.. ."[3] 

The first manned launch occurred in December 1968, 
carrying the Apollo 8 circumlunar mission. 

Similarly, on January 14 th , 2004 President Bush 
announced the “Vision for Space Exploration” with one 
of the goals being to develop and fly the Crew 
Exploration Vehicle (CEV) by 2012, but no later than 
2014. 

If the goal of 2012 is to be achieved, this would be 
comparable to the schedule of the development of the 
Saturn V. The evidence has shown that NASA has 
successfully overcome this schedule challenge in the 
past. We therefore have the confidence in overcoming 
this challenge today. 

4.3 Challenge III: Communication, 
Coordination, and Integration 

A third challenge is maintaining adequate 
communication and coordination within the IPTs and 
among the several layers of the Constellation 
organizational infrastructure. An approximate 
breakdown of the current NASA structure in supporting 
the Vision for Space Exploration in relation to the Upper 
Stage Organization is as follows: 


• Level 0 

- Vision for Space Exploration 

• Level 1 

- Exploration Systems Mission Directorate 

• Level 2 

- Constellation Program 

• Level 3 

- Ares I, Orion, etc. 

• Level 4 

- Upper Stage, First Stage, etc. 

• Level 5 

- MPS, RCS, etc. 


The challenge from an Upper Stage viewpoint is to 
integrate the level 5 system PRAs into an overall 
integrated Upper Stage PRA, while attempting to 
maintain consistency with the higher level Ares I 
integrated PRA at Level 3. Assuring consistency of PRA 
methodology within the Upper Stage will not be a 
driving issue because it is being developed in house with 
a single team of analysts. However, NASA learned from 
its development of the Space Shuttle PRA that it can be 
challenging to ensure consistent methodology across 
multiple contractors. This is particularly true regarding 
the data analysis used in quantification of basic events, 
such as combining prior data sources, discounting 
failures, assessing the applicability of failures, and the 
consistent failure-rate analysis of similar components 
across subsystems. Since the PRA will be used by the Cx 
Program to support risk-informed decision making and to 
allocate resources for risk mitigation across the program, 
it is imperative that risk be comparable. 

5. CONCLUSION 

Designing the Ares I Upper Stage for reliability and 
safety while minimizing weight and maximizing 
performance is indeed challenging. The reliability/ risk 
analysis process described in this paper has been adopted 
and employed in all aspects of the preliminary design 
phase to improve the reliability of the CLV and reduce 
the risk of loss of mission and loss of crew. This process 
will iterate and evolve throughout the program’s life 
cycle from design, development, testing and operation of 
the CLV. The process has already proven valuable in 
identifying preliminary design weaknesses that resulted 
in design improvements and higher reliability. 


6. ACRONYMS 


CEV 

Crew Exploration Vehicle 

CLV 

Crew Launch Vehicle 

FMEA 

Failure Modes and Effects Analyses 

FS 

First Stage 

HA 

Hazard Analysis 

HEI 

Hernandez Engineering Incorporated 

IPT 

Integrated Product Team 

LH2 

Liquid Hydrogen 

LOC 

Loss of Crew 

LOM 

Loss of Mission 

LOX 

Liquid Oxygen 

LSI 

Logistics Support Integration 

MTTF 

Mean Time To Failure 

MTTR 

Mean Time To Repair 

MSFC 

Marshall Space Flight Center 

NASA 

National Aeronautics and Space Administration 

OSP 

Orbital Space Plane 

PBAN 

PolyButadiene AcryloNitrile 

PRA 

Probabilistic Risk Assessment 

RA 

Reliability Analysis 

RCS 

Reaction Control System 

RoCS 

Roll Control System 

RFP 

Request For Proposal 

RMS 

Reliability Maintainability and Supportability 

RSRM 

Reusable Solid Rocket Motor 

SLI 

Space Launch Initiative 

S&MA 

Safety and Mission Assurance 

TVC 

Thrust Vector Control 

US 

Upper Stage 

USE 

Upper Stage Engine 

VI 

Vehicle Integration 
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